ab6e77fc60fbeaa76a255eda1dbd987c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab6e77fc60fbeaa76a255eda1dbd987c_JaffaCakes118
Size

154KB
MD5

ab6e77fc60fbeaa76a255eda1dbd987c
SHA1

2c9a8f990991f94cfbb7249a4eb26d304094beba
SHA256

511d353e1a3b74b8c07f8d792f10702e916f7c8eeeeb5b4eab86aa7fafb2e416
SHA512

dd1139a12e22be738c3b6aaa02fcdc944e417e657191c184af8b7232e41fa250359f066886106582ee715b46be5b88f1000d582be815cb1d35862e6a97ef3580
SSDEEP

3072:tYJs0UphNYUjwBb3XH5KVkyNSQaKpDnA0wG3I2SvYbnj:mJsH7NYBBbAVkynj0+3IZEn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab6e77fc60fbeaa76a255eda1dbd987c_JaffaCakes118

Files

ab6e77fc60fbeaa76a255eda1dbd987c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5019c676796ddcaa89073490dd7fdcd5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
HeapCreate
RaiseException
SetFilePointer
ExitProcess

msvcrt

wcscmp
_exit
exit
wcslen
wcscpy
swscanf
free

user32

ScreenToClient
GetMenu

oleaut32

OleTranslateColor
SafeArrayAllocDescriptor
OleLoadPicturePath
VarBstrCmp

shlwapi

SHEnumKeyExA
StrToIntA
SHDeleteValueA
PathBuildRootA

Exports

Exports

OpenCaptureDevice

Sections

.text
Size: 76KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ